Merge pull request #9332 from ruby/show-incorrect-dependencies-message

Include detailed dependencies when gemfile and lockfile are conflicts

Author: hsbt

bundler/lib/bundler/errors.rb

@@ -265,14 +265,40 @@ def message
   class InvalidArgumentError < BundlerError; status_code(40); end
 
   class IncorrectLockfileDependencies < BundlerError
-    attr_reader :spec
+    attr_reader :spec, :actual_dependencies, :lockfile_dependencies
 
-    def initialize(spec)
+    def initialize(spec, actual_dependencies = nil, lockfile_dependencies = nil)
       @spec = spec
+      @actual_dependencies = actual_dependencies
+      @lockfile_dependencies = lockfile_dependencies
     end
 
     def message
-      "Bundler found incorrect dependencies in the lockfile for #{spec.full_name}"
+      lines = ["Bundler found incorrect dependencies in the lockfile for #{spec.full_name}", ""]
+
+      if @actual_dependencies && @lockfile_dependencies
+        actual_by_name = @actual_dependencies.each_with_object({}) {|d, h| h[d.name] = d }
+        lockfile_by_name = @lockfile_dependencies.each_with_object({}) {|d, h| h[d.name] = d }
+
+        (actual_by_name.keys | lockfile_by_name.keys).sort.each do |name|
+          actual = actual_by_name[name]
+          lockfile = lockfile_by_name[name]
+          next if actual && lockfile && actual.requirement == lockfile.requirement
+
+          if actual && lockfile
+            lines << "  #{name}: gemspec specifies #{actual.requirement}, lockfile has #{lockfile.requirement}"
+          elsif actual
+            lines << "  #{name}: gemspec specifies #{actual.requirement}, not in lockfile"
+          else
+            lines << "  #{name}: not in gemspec, lockfile has #{lockfile.requirement}"
+          end
+        end
+
+        lines << ""
+      end
+
+      lines << "Please run `bundle install` to regenerate the lockfile."
+      lines.join("\n")
     end
 
     status_code(41)

bundler/lib/bundler/lazy_specification.rb

@@ -262,7 +262,7 @@ def validate_dependencies(spec)
         spec.dependencies = dependencies
       else
         if !source.is_a?(Source::Path) && spec.runtime_dependencies.sort != dependencies.sort
-          raise IncorrectLockfileDependencies.new(self)
+          raise IncorrectLockfileDependencies.new(self, spec.runtime_dependencies, dependencies)
         end
       end
     end

spec/bundler/errors_spec.rb

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+
+RSpec.describe Bundler::IncorrectLockfileDependencies do
+  describe "#message" do
+    let(:spec) do
+      double("LazySpecification", full_name: "rubocop-1.82.0")
+    end
+
+    context "without dependency details" do
+      subject { described_class.new(spec) }
+
+      it "provides a basic error message" do
+        expect(subject.message).to include("Bundler found incorrect dependencies in the lockfile for rubocop-1.82.0")
+        expect(subject.message).to include("Please run `bundle install` to regenerate the lockfile.")
+      end
+    end
+
+    context "with dependency details" do
+      let(:actual_dependencies) do
+        [
+          Gem::Dependency.new("json", [">= 2.3", "< 4.0"]),
+          Gem::Dependency.new("parallel", ["~> 1.10"]),
+          Gem::Dependency.new("parser", [">= 3.3.0.2"]),
+        ]
+      end
+
+      let(:lockfile_dependencies) do
+        [
+          Gem::Dependency.new("json", [">= 2.3", "< 3.0"]),
+          Gem::Dependency.new("parallel", ["~> 1.10"]),
+          Gem::Dependency.new("parser", [">= 3.2.0.0"]),
+        ]
+      end
+
+      subject { described_class.new(spec, actual_dependencies, lockfile_dependencies) }
+
+      it "shows only mismatched dependencies" do
+        message = subject.message
+
+        expect(message).to include("json: gemspec specifies")
+        expect(message).to include("parser: gemspec specifies")
+        expect(message).not_to include("parallel")
+      end
+    end
+
+    context "when gemspec has dependencies but lockfile has none" do
+      let(:actual_dependencies) do
+        [
+          Gem::Dependency.new("myrack-test", ["~> 1.0"]),
+        ]
+      end
+
+      let(:lockfile_dependencies) { [] }
+
+      subject { described_class.new(spec, actual_dependencies, lockfile_dependencies) }
+
+      it "shows the dependency as not in lockfile" do
+        message = subject.message
+
+        expect(message).to include("myrack-test: gemspec specifies ~> 1.0, not in lockfile")
+      end
+    end
+
+    context "when gemspec has no dependencies but lockfile has some" do
+      let(:actual_dependencies) { [] }
+
+      let(:lockfile_dependencies) do
+        [
+          Gem::Dependency.new("unexpected", ["~> 1.0"]),
+        ]
+      end
+
+      subject { described_class.new(spec, actual_dependencies, lockfile_dependencies) }
+
+      it "shows the dependency as not in gemspec" do
+        message = subject.message
+
+        expect(message).to include("unexpected: not in gemspec, lockfile has ~> 1.0")
+      end
+    end
+  end
+
+  describe "#status_code" do
+    let(:spec) { double("LazySpecification", full_name: "test-1.0.0") }
+    subject { described_class.new(spec) }
+
+    it "returns 41" do
+      expect(subject.status_code).to eq(41)
+    end
+  end
+end

spec/commands/install_spec.rb

@@ -1658,7 +1658,8 @@ def run
       bundle "install", raise_on_error: false
 
       expect(exitstatus).to eq(41)
-      expect(err).to eq("Bundler found incorrect dependencies in the lockfile for myrack_middleware-1.0")
+      expect(err).to include("Bundler found incorrect dependencies in the lockfile for myrack_middleware-1.0")
+      expect(err).to include("myrack: gemspec specifies = 0.9.1, not in lockfile")
     end
 
     it "updates the lockfile when not frozen" do

spec/install/failure_spec.rb

@@ -48,4 +48,38 @@
       end
     end
   end
+
+  context "when lockfile dependencies don't match the gemspec" do
+    before do
+      build_repo4 do
+        build_gem "myrack", "1.0.0" do |s|
+          s.add_dependency "myrack-test", "~> 1.0"
+        end
+
+        build_gem "myrack-test", "1.0.0"
+      end
+
+      gemfile <<-G
+        source "https://gem.repo4"
+        gem "myrack"
+      G
+
+      # First install to generate lockfile
+      bundle :install
+
+      # Manually edit lockfile to have incorrect dependencies
+      lockfile_content = File.read(bundled_app_lock)
+      # Remove the myrack-test dependency from myrack
+      lockfile_content.gsub!(/^    myrack \(1\.0\.0\)\n      myrack-test \(~> 1\.0\)\n/, "    myrack (1.0.0)\n")
+      File.write(bundled_app_lock, lockfile_content)
+    end
+
+    it "reports the mismatch with detailed information" do
+      bundle :install, raise_on_error: false, env: { "BUNDLE_FROZEN" => "true" }
+
+      expect(err).to include("Bundler found incorrect dependencies in the lockfile for myrack-1.0.0")
+      expect(err).to include("myrack-test: gemspec specifies ~> 1.0, not in lockfile")
+      expect(err).to include("Please run `bundle install` to regenerate the lockfile.")
+    end
+  end
 end

spec/lock/lockfile_spec.rb

@@ -1608,7 +1608,8 @@
       gem "myrack_middleware"
     G
 
-    expect(err).to eq("Bundler found incorrect dependencies in the lockfile for myrack_middleware-1.0")
+    expect(err).to include("Bundler found incorrect dependencies in the lockfile for myrack_middleware-1.0")
+    expect(err).to include("myrack: gemspec specifies = 0.9.1, not in lockfile")
     expect(the_bundle).not_to include_gems "myrack_middleware 1.0"
   end